Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud Security //

SaaS

3/14/2018
12:00 PM
Carol Wilson
Carol Wilson
News Analysis-Security Now
50%
50%

Equinix SmartKey Makes Encryption Easier

New SaaS offering doesn't provide encryption but puts encryption keys safely where they are needed most in a multicloud environment.

Equinix is making its first foray into offering security-as-a-service this week with the SmartKey offering it announced Monday, promising its enterprise customers to make it easier to encrypt and protect their data as it traverses multiple cloud environments.

The move represents the rising strategic importance to Equinix of its enterprise customer base -- the fastest growing segment of customers, says Lance Weaver, vice president of Emerging Services at Equinix Inc. (Nasdaq: EQIX). But it also represents the ongoing concerns enterprises have about security in a multicloud environment as more data is being shared with more cloud providers.

Add to that the looming GDPR compliance requirements coming out of the European Union, and encryption moves more to the center stage, Weaver says.

"Businesses want to apply a consistent posture against all the services they are using in a multicloud environment," he comments in an interview. "Encryption is considered a best practice for doing that."

What SmartKey does is make it operationally easier to implement encryption. Equinix is already providing a Cloud Exchange and serving as the connection point to multiple clouds for its enterprise customers, with nodes deployed globally, close to the most popular public clouds.

"We are not performing the actual encryption," Weaver explains. "Every time encryption happens, there is a need for an encryption key with the ability to unlock the data. The question then becomes, how do I store that key? It needs to be proximate and it needs to be able to apply across the multicloud in a cloud-neutral fashion."

SmartKey provides that secure key management function that is "operationally efficient, simple and easy to use" but also highly secure, he adds.

Equinix teamed with Fortanix Runtime Encryption and Intel Corp. (Nasdaq: INTC) on the product. Fortanix's HSM [hardware security module] provides the protection of data in transit, in storage and in memory, Weaver says, and Equinix now brings this to the SaaS model. Intel's SGX provides the critical protection of the encryption keys.

"Intel's SGX has been in development for a number of years and the purpose is to provide trust in untrusted environment," Weaver says. The technology prevents intrusion into its "enclave" by malicious software or root manipulation of the systems.


The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth annual Big Communications Event. There's still time to register and communications service providers get in free!

"Our product is the first security key service generally available leveraging that technology, in software," he adds. "That provides the ability for the service operation, in this case a cloud service that we are offering, where we can make it simple and easy to use operationally."

Equinix is already experienced at securing its data centers but is now likely to be looking at future security services, as the need for those evolves, Weaver says.

— Carol Wilson, Editor-at-Large, Light Reading

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3331
PUBLISHED: 2021-01-27
WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.)
CVE-2021-3326
PUBLISHED: 2021-01-27
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
CVE-2021-22641
PUBLISHED: 2021-01-27
A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
CVE-2021-22653
PUBLISHED: 2021-01-27
Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
CVE-2021-22655
PUBLISHED: 2021-01-27
Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).